Detect local X start by socket creation if dropping privileges

twhitehead · twhitehead · commit 85af6460df50 · 2020-06-10T19:30:44.000-04:00
* A depriviledged X cannot send back a SIGUSR1 when it is ready
diff --git a/src/x-server-local.c b/src/x-server-local.c
@@ -64,6 +64,9 @@ typedef struct
     /* TRUE when received ready signal */
     gboolean got_signal;
 
+    /* Poll source ID (fallback for signal if uids differ) */
+    guint poll_for_socket_source;
+
     /* VT to run on */
     gint vt;
     gboolean have_vt_ref;
@@ -391,6 +394,44 @@ got_signal_cb (Process *process, int signum, XServerLocal *server)
     }
 }
 
+static gboolean
+poll_for_socket_cb (XServerLocal *server)
+{
+    XServerLocalPrivate *priv = x_server_local_get_instance_private (server);
+
+    /* Check is X11 socket file exists as an alternative startup test to SIGUSR1 */
+    GStatBuf statbuf;
+    g_autofree gchar *socketpath = g_strdup_printf ("/tmp/.X11-unix/X%d", priv->display_number);
+
+    if ( g_stat (socketpath, &statbuf) == 0 )
+    {
+        uid_t uid = priv->user ? user_get_uid(priv->user) : 0;
+
+        /* It has to be a valid socket file */
+        if (!(statbuf.st_mode & S_IFSOCK))
+            l_debug (server, "X11 socket file is not a socket: %s", socketpath);
+
+        /* It has to be owned by the correct user */
+        else if (statbuf.st_uid != uid)
+            l_debug (server, "X11 socket file is not owned by uid %d: %s", uid, socketpath);
+
+        /* Consider SIGUSR1 to have been recieved */
+        else {
+            priv->got_signal = TRUE;
+            l_debug (server, "Detected valid X11 socket for X server :%d", priv->display_number);
+
+            // FIXME: Check return value
+            DISPLAY_SERVER_CLASS (x_server_local_parent_class)->start (DISPLAY_SERVER (server));
+        }
+
+        /* Cancel the timer as the file showed up */
+        return FALSE;
+    }
+
+    /* Wait another second and check again */
+    return TRUE;
+}
+
 static void
 stopped_cb (Process *process, XServerLocal *server)
 {
@@ -468,7 +509,10 @@ x_server_local_start (DisplayServer *display_server)
     ProcessRunFunc run_cb = X_SERVER_LOCAL_GET_CLASS (server)->get_run_function (server);
     priv->x_server_process = process_new (run_cb, server);
     process_set_clear_environment (priv->x_server_process, TRUE);
-    g_signal_connect (priv->x_server_process, PROCESS_SIGNAL_GOT_SIGNAL, G_CALLBACK (got_signal_cb), server);
+    if (priv->user == NULL || user_get_uid (priv->user) == getuid ())
+        g_signal_connect (priv->x_server_process, PROCESS_SIGNAL_GOT_SIGNAL, G_CALLBACK (got_signal_cb), server);
+    else if (!priv->poll_for_socket_source)
+        priv->poll_for_socket_source = g_timeout_add_seconds (1, (GSourceFunc)poll_for_socket_cb, server);
     g_signal_connect (priv->x_server_process, PROCESS_SIGNAL_STOPPED, G_CALLBACK (stopped_cb), server);
 
     /* Setup logging */
@@ -594,6 +638,11 @@ x_server_local_finalize (GObject *object)
 
     if (priv->x_server_process)
         g_signal_handlers_disconnect_matched (priv->x_server_process, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, self);
+    if (priv->poll_for_socket_source)
+    {
+        g_source_remove (priv->poll_for_socket_source);
+        priv->poll_for_socket_source = 0;
+    }
     g_clear_object (&priv->x_server_process);
     g_clear_pointer (&priv->command, g_free);
     g_clear_object (&priv->user);
